WordPress AIO Performance Profiler plugin <= 1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin AIO Performance Profiler, Monitor, Optimize, Compress & Debug versions = 1.2...

WordPress WP Google Maps plugin <= 9.0.40 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan in WordPress Plugin WP Go Maps versions = 9.0.40...

WordPress Wp-Scribd-List plugin <= 1.2 - CSRF to XSS vulnerability

CSRF to XSS vulnerability discovered by Joshua Chan in WordPress Plugin Wp-Scribd-List versions = 1.2...

WordPress Google Ads Reports plugin <= 3.1 - Information Exposure vulnerability

Information Exposure vulnerability discovered by Joshua Chan in WordPress Plugin Muzaara Google Ads Report versions = 3.1...

WordPress Tripetto plugin <= 8.0.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress form builder plugin for contact forms, surveys and quizzes – Tripetto versions = 8.0.6...

WordPress WP-NERD Toolkit plugin <= 1.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WP-NERD Toolkit versions = 1.1...

WordPress Import Export For WooCommerce plugin <= 1.6.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Import Export For WooCommerce versions = 1.6.2...

WordPress MooWoodle plugin <= 3.2.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan in WordPress Plugin MooWoodle versions = 3.2.4...

WordPress Exclusive Content Password Protect plugin <= 1.1.0 - CSRF to Arbitrary File Upload vulnerability

CSRF to Arbitrary File Upload vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Exclusive Content Password Protect versions = 1.1.0...

WordPress CDI plugin <= 5.5.3 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin CDI versions = 5.5.3...

WordPress SV Forms plugin <= 2.0.05 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin SV Forms versions = 2.0.05...

WordPress MyCurator Content Curation plugin <= 3.78 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin MyCurator Content Curation versions = 3.78...

WordPress Schema & Structured Data for WP & AMP Plugin <= 1.3.5 is vulnerable to Sensitive Data Exposure

Software Schema & Structured Data for WP & AMP Type Plugin Vulnerable versions = 1.3.5 Fixed in 1.36 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-49683 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fb194b3fd454 Credits Joshua...

WordPress WP SendFox plugin <= 1.3.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WP SendFox versions = 1.3.1...

WordPress VOD Infomaniak plugin <= 1.5.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin VOD Infomaniak versions = 1.5.7...

WordPress Wsify Widget plugin <= 1.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Wsify Widget versions = 1.0...

WordPress Brevo plugin <= 3.1.87 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Joshua Chan in WordPress Plugin Brevo versions = 3.1.87...

WordPress Keep Backup Daily plugin <= 2.1.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Keep Backup Daily versions = 2.1.1...

WordPress uListing plugin <= 2.1.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin uListing versions = 2.1.5...

WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 3.15.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin GiveWP versions = 3.15.1...